NordVPN, TorGuard and VikingVPN disclose security breaches

João Silva writes: NordVPN, one of the most well-known VPN provider, had confirmed a security breach in early 2018. At fault, there’s the data centre provider from Finland, where the server was hosted. The data centre provider used an insecure remote management system that NordVPN was “unaware” of. Although NordVPN seems to be playing down the occurrence, there’s an anonymous post on 8chan, shared by Cryptostorm’s Twitter account, that claims that the hacker had root access to the server. NordVPN states that the TLS key that was stolen was expired, and no VPN traffic could be decrypted. The same 8chan user showed access to servers from two other VPN providers – TorGuard and VPNViking. Read more on KitGuru. Over on Fortune, Lisa Marie Segarra has more about the NordVPN incident and NordVPN’s denial that they were hacked: “We failed by contracting an unreliable server provider and should have done better to ensure the security of our customers,” NordVPN spokesperson Daniel Markuson said in a statement. “We are taking all the necessary means to enhance our security.” The breach came when a hacker exploited an expired key to access the server. But since the server contained no user activity logs, and none of the VPN’s applications send user-created credentials for authentication, the company said, usernames and passwords for the service could not have been intercepted either. In addition, the method used to breach the network could not be used to compromise Nord’s other servers. Read more on Fortune. See also Brian Krebs’ post about how the Avast and NordVPN Breaches Were Both Tied to Phantom User Accounts.

Categories

Related Posts

Statement from Endeavor Energy Resources (via MRT): “Endeavor Energy Resources, L.P. (“Endeavor”), an oil and gas exploration and production company, discovered on Jan. 14 that earlier that day an unauthorized party, through a phishing scam, Read more…

On January 21 and January 31, this site reported on a ransomware attack by Maze Team on CrossroadsNet or Crossroads Technologies. It wasn’t even clear who was attacked, as one entity had no web site, Read more…